diff options
-rw-r--r-- | source3/auth/auth_util.c | 36 | ||||
-rw-r--r-- | source3/auth/auth_winbind.c | 3 |
2 files changed, 30 insertions, 9 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 3dc0fdbe46..c474049617 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -926,21 +926,38 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx, fstring dom_user; struct passwd *passwd; - fstr_sprintf(dom_user, "%s%s%s", - domain, lp_winbind_separator(), username); + fstr_sprintf(dom_user, "%s%s%s", domain, lp_winbind_separator(), + username); passwd = Get_Pwnam(dom_user); + + if ( passwd ) { + char *p; + + /* make sure we get the case of the username correct */ + /* work around 'winbind use default domain = yes' */ + + p = strchr( passwd->pw_name, *lp_winbind_separator() ); + if ( !p ) + fstr_sprintf(dom_user, "%s%s%s", domain, + lp_winbind_separator(), passwd->pw_name); + else + fstrcpy( dom_user, passwd->pw_name ); + } + else { + /* if the lookup for DOMAIN\username failed, try again + with just 'username'. This is need for accessing the server + as a trust user that actually maps to a local account */ - /* if the lookup for DOMAIN\username failed, try again - with just 'username'. This is need for accessing the server - as a trust user that actually maps to a local account */ - - if ( !passwd ) { fstrcpy( dom_user, username ); passwd = Get_Pwnam( dom_user ); + + /* make sure we get the case of the username correct */ + if ( passwd ) + fstrcpy( dom_user, passwd->pw_name ); } - if (passwd == NULL) + if ( !passwd ) return NT_STATUS_NO_SUCH_USER; *uid = passwd->pw_uid; @@ -953,6 +970,9 @@ static NTSTATUS fill_sam_account(TALLOC_CTX *mem_ctx, --jerry */ *found_username = talloc_strdup(mem_ctx, dom_user); + + DEBUG(5,("fill_sam_account: located username was [%s]\n", + *found_username)); return pdb_init_sam_pw(sam_account, passwd); } diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index d09987ba37..0e2820313e 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -76,7 +76,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, } if (strequal(user_info->domain.str, get_global_sam_name())) { - DEBUG(3,("check_winbind_security: Not using winbind, requested domain was for this SAM.\n")); + DEBUG(3,("check_winbind_security: Not using winbind, requested domain [%s] was for this SAM.\n", + user_info->domain.str)); return NT_STATUS_NOT_IMPLEMENTED; } |